package pri.hillchen.springboot.shiro.shiro;

import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.util.StringUtils;
import pri.hillchen.springboot.shiro.entity.Permission;
import pri.hillchen.springboot.shiro.entity.User;
import pri.hillchen.springboot.shiro.service.PermissionService;
import pri.hillchen.springboot.shiro.service.UserService;

import javax.annotation.Resource;
import java.util.List;

/**
 * Created by hillchen on 2017/10/16 0016.
 */
public class ShiroRealm extends AuthorizingRealm {
    @Resource
    private UserService userService;
    @Resource
    private PermissionService permissionService;

    /**
     * 权限控制
     * @param principals
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        /*
        * 当没有使用缓存的时候，不断刷新页面的话，这个代码会不断执行，
        * 当其实没有必要每次都重新设置权限信息，所以我们需要放到缓存中进行管理；
        * 当放到缓存中时，这样的话，doGetAuthorizationInfo就只会执行一次了，
        * 缓存过期之后会再次执行。
        */
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        String username  = (String)principals.getPrimaryPrincipal();
        List<Permission> permissions = permissionService.queryUserPermission(username);
        for(Permission permission : permissions){
            authorizationInfo.addStringPermission(permission.getUrl());
        }
        return authorizationInfo;
    }

    /**
     * 身份认证
     * @param authecToken
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authecToken) throws AuthenticationException {

        UsernamePasswordToken token = (UsernamePasswordToken)authecToken;

        if(StringUtils.isEmpty(token.getUsername())){
            throw new AccountException("用户名不能为空");
        }

        User user = userService.findUserByUserName(token.getUsername());
        if(user == null){
            throw new UnknownAccountException("用户名没找到");
        }else{
            return new SimpleAuthenticationInfo(user.getUsername(), user.getPassword(), this.getName());
        }/* else if(user.getPassword().equals(new String(token.getPassword()))){
            return new SimpleAuthenticationInfo(user.getUsername(), user.getPassword(), this.getName());
        } else {
            throw new AuthenticationException("认证失败");
        }*/
    }
}
